MS Exchange got emergency patches for four critical zero-day flaws

Microsoft is pressing customers to install emergency patches as soon as possible. So far, there is only one highly skilled hacker group actively exploiting the vulnerabilities – named Hafnium – but the situation could change at any time. The best protection against this attack will be applying new patches now, not tomorrow or one week from today. More information about MS Exchange zero-days can be found below.

Read more

OneDrive Backup – risks, good practices and keeping your business data secure

Being able to transfer data between users easily, is key in running a successful business. So any program that allows you to do it can give you an advantage. One of such programs is OneDrive for Business provided by Microsoft. If it’s so widely-used, should you consider OneDrive Backup? OneDrive for Business is a cloud storage service allowing your users to store data and access it from any device they log on. This service offers great opportunities to improve your teams’ productivity. Allowing users to share files and collaborate on them in real-time. But all those pros, unfortunately, can be neglected if someone outside your company gains access to the user account. In this article, we will take a closer look at the risks involved in using OneDrive for business in your company, and how you can increase protection against those risks with a proper OneDrive Backup. 

Read more

Critical RCE flaw in VMware vCenter – fixed, so update now

After multiple proof-of-concept exploit scripts of VMware RCE new bug were published on GitHub, hackers started mass scanning for vulnerable Internet-exposed servers. The company patched the critical vulnerability already, but thousands of unpatched vCenter servers are still reachable over the Internet. This is a serious problem. It does look like this is the last moment for a safe update. More information about vCenter vulnerability can be found below.

Read more

Common Microsoft Office 365 issues, and how to solve them

Microsoft Office 365 is currently the most popular suite for productivity applications – thus it is important to mention the most common Office 365 issues. Microsoft 365 offers the most reliable solutions for improving team productivity, storage, and communication. But it doesn’t mean it’s impossible for some Office 365 issues to occur. The important thing here to remember is that not all problems are caused by bugs or inappropriate coding on the vendor site. The more probable option is that the Office 365 issue occurs, and can be fixed on the client-side. 

Read more

Masslogger comeback – a new and powerful variant steals Outlook and Chrome credentials

MassLogger malware has come back in a new variant which is much more powerful than the old spyware that has attacked the Windows platform for years. (Brand)New and better? Yes. We are dealing with a Trojan horse that tries to steal usernames and passwords from Microsoft Outlook, the Thunderbird email client, and password managers built into Google Chrome, Mozilla Firefox, Microsoft Edge and other browsers. Have you got any suspicious-looking email? Better never open it. Want to find out more about MassLogger? Check the article below for more information.

Read more

Bitbucket down – why backup Bitbucket?

Bitbucket is considered a proven, secure Git repository management solution used by millions of companies worldwide. However, as in most services, there are moments of Bitbucket down. You might be lucky to not see for yourself what Bitbucket down means, but trust me – some other companies already experienced service outages or other problems, and more will. If you don’t want to join a group of users affected by Bitbucket problems, you might want to consider bringing in an additional layer of security in the form of a proper backup. In this article, we will talk about why you need one, and generally about why you should protect your Bitbucket repositories.

Read more

Dependency Confusion – a new cyberattack method takes advantage of open ecosystems

A novel supply chain attack, called dependency confusion or a substitution attack, takes advantage of the open ecosystem that many businesses use as part of their app development process. And given that business apps have become increasingly important, any threat to the app development supply chain could potentially have huge implications. Found this short intro interesting? Then click and read the whole new episode of the Xopero Security Center.

Read more

GitHub down – why backup GitHub?

Does your company use GitHub? And if so how do you protect your data there? You might be wondering why I’m asking that question when you consider GitHub as some sort of protection for your code. Well, you might be lucky enough to not see for yourself what exactly GitHub down means, but many users experienced problems with the service outage, and so will many do in the future. But there are some things you can do to ensure your data safety and accessibility when a failure occurs to GitHub. In this article, we will talk about why you need to protect your GitHub repos, and how to do it with a proper backup.

Read more